Obama Announces White House Cybersecurity Position
Names that have been bandied about include acting White House cybersecurity chief Melissa Hathaway and Microsoft VP Scott Charney.
However, management headaches could become a stumbling block for the new cyberczar. Two members of Congress who recently wrote a bill urging the creation of such a position applauded Obama's move, but cautioned that the new cybersecurity official should report directly to the president. "There is no room for bureaucratic turf battles," Sens. John D. Rockefeller IV, D-W.Va., and Olympia Snowe, R-Maine, said in a statement. As of now, it seems the cybersecurity coordinator will report to the national security adviser as part of the newly formed national security staff as well as to the director of the national economic council.
The new official will also work closely with the Office of Management and Budget to ensure that agency budgets properly reflect the administration's cybersecurity priorities, and will work with federal CTO Aneesh Chopra and federal CIO Vivek Kundra to ensure that cybersecurity work lines up well with other federal technology endeavors. For example, Obama said, the coordinator will help develop clear metrics to measure cybersecurity progress. Kundra and other observers have argued for better measurement of the effectiveness of government agency cybersecurity efforts.
Despite the role as coordinator, if the president follows the recommendations of the 60-day cybersecurity review, which was led by acting White House cybersecurity chief Melissa Hathaway, the new official would not have any "operational responsibility or authority, nor the authority to make policy unilaterally," instead relying on partnership and interagency coordination to help "harmonize cybersecurity-related policy and technology efforts" and "develop a legislative agenda" in concert with the CTO, CIO, and a slew of other officials. However, Hathaway did recommend that the new official develop a comprehensive cybersecurity strategy for the president to consider.
Another priority for the cybersecurity coordinator, Obama said, will be to lead the government response to major cyberattacks. There has been some lack of clarity here over the years, as the Department of Defense, Department of Homeland Security, and National Security Agency have variously claimed rank on response to cyberattacks, recently causing Rod Beckstrom, director of the National Cyber Security Center at the Department of Homeland Security, to resign.
It's unclear when Obama will name the new cybersecurity adviser. Names that have been bandied about include Hathaway; Microsoft VP Scott Charney; and Paul Kurtz, former White House Homeland Security Council senior director for critical infrastructure protection.
Security Job #1 For FedsThe 2014 InformationWeek Government IT Priorities Survey shows federal IT pros care about security - itís rated as very important by 69% of respondents, 30 percentage points ahead of the No. 2 priority, disaster recovery. Will the upcoming NIST cyber-security framework help manage risk?